Request access to Microsoft O365 for a person who has been authorized to work remotely outside of the United States.
Log in links for this page
- This page, Microsoft O365 International Access, is offered by
- Executive Office of Technology Services and Security
Microsoft O365 International Access
Contacts
EOTSS End User and IT Service Support
Phone
EOTSS End User IT Service Desk
Call EOTSS End User and IT Service Support, EOTSS End User IT Service Desk at (844) 435-7629
Support for Commonwealth end users and IT support personnel
Cybersecurity and Enterprise Risk Management
Online
For cybersecurity or risk management questions:
Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov
The Details of Microsoft O365 International Access
Features for Microsoft O365 International Access
This request is for access to Microsoft O365 Internationally, and requires both Agency/Secretariat’s General Counsel or designee approval, and Agency/Secretariat’s CISO or designee approval.
This access is for a user who will work outside of the United States (American Samoa, Guam, Northern Mariana Islands, Puerto Rico, and the Virgin Islands require international access) on either a temporary, or semi-permanent basis. For users with a primary work location outside of the United States, (consultants, contractors, vendors, etc.) access must be reviewed on a regular basis.
Please request access at least 2 weeks prior. If requesting travel to a country on the deny-list - requires Enterprise EOTSS Chief Information Security Officer (CISO) approval.
How to request Microsoft O365 International Access
Designated Security Officers (DSOs) ONLY - will request on behalf of Commonwealth employees and their authorized business partners, whether or not currently supported by EOTSS.
Policies for Microsoft O365 International Access
A communication was sent to ITLs and DSOs on updates to the current catalog item.
IS.003 Access Management Standard – Information Systems -6.3.3 No system or database containing non public information shall be directly accessible from an untrusted network
IS.004 Asset Management Standard - 6.7 Endpoint Security -6.7.10 Ensure that Commonwealth-owned or managed devices do not leave the United States.
IS.006 Communication and Network Security Standard – 6.2 Remote Access Security Management -6.2.1 All external connections to the Commonwealth family of networks must be reviewed and approved by the Commonwealth CISO
DENY LIST (Updated April 17, 2024)
| Afghanistan |
| Belarus |
| Burkina Faso |
| Burma (Myanmar) |
| Burundi |
| Central African Republic |
| Chad |
| China |
| Columbia |
| Democratic Republic of the Congo |
| Egypt |
| El Salvador |
| Ethiopia |
| Guatemala |
| Guinea |
| Guinea-Bissau |
| Guyana |
| Haiti |
| Honduras |
| Iran |
| Iraq |
| Israel, the West Bank and Gaza |
| Jamaica |
| Lebanon |
| Libya |
| Macau |
| Mali |
| Mauritania |
| Mexico |
| Nicaragua |
| Niger |
| Nigeria |
| North Korea (Democratic People's Republic of Korea) |
| Pakistan |
| Papua New Guinea |
| Russia |
| Saudi Arabia |
| Somalia |
| South Sudan |
| Sudan |
| Syria |
| Trinidad and Tobago |
| Uganda |
| Ukraine |
| Venezuela |
| Yemen |
The list above was created by using a combination of sources from the federal government commerce ban, the CDC, and the US Department of State.
Refer to the U.S. Department of State for a listing of current travel advisories:
https://travel.state.gov/content/travel/en/traveladvisories/traveladvisories.html/
Contact for Microsoft O365 International Access
Phone
EOTSS End User IT Service Desk
Call EOTSS End User and IT Service Support, EOTSS End User IT Service Desk at (844) 435-7629
Support for Commonwealth end users and IT support personnel
Address
Online
For cybersecurity or risk management questions:
Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov